XO automatic clock setting

Martin Langhoff martin.langhoff at gmail.com
Thu Aug 27 13:20:42 EDT 2009 

On Thu, Aug 27, 2009 at 6:36 PM, Daniel Drake<dsd at laptop.org> wrote:
>> Why do both OFW and initramfs check the same thing?
>
> They don't, at the moment. The initramfs trusts whatever OFW said,
> without checking.

Touché -

> But Michael's explanation is quite convincing. According to that
> understanding, it would be reasonable to do it in both places, as your
> patch implements.

Good!

> As a sidenote, I ditched this in the reworked initramfs. It can come

Great - so that's in the dracut module then.

>> Yes. But the XO clocks are not reliable either.
>
> Agreed. My concern is that adding in another set of unreliable clocks
> to our equation is going to add more cases for failure, and some of
> those failures will be very painful.

Ok, so that's something that worries us both - and it is a tradeoff.
Trusting XS clocks (not to malfunction badly) is trusting _less_
clocks in terms of numbers. Each clock with a wider impact if it does
go astray.

>> But the day it happens (that an XS clock is really off) things do go
>> pear-shaped.
>
> Even if they aren't using key delegation?

As you say, if the clients sync to the back clock (with or without
delegation), the XS screws teh clients.

And more subtle interdependencies are starting to grow between XS and
XO. I've tried to keep ensure nothing relies on clock sync, but
something is bound to slip though as XS services grow and the "contact
surface" grows between the 2.

> I guess the recurring theme of my concerns is that the excellent work
> you're doing on delegation does spill over to users who aren't using
> the feature, adding complications and more conditions for failure.

Well, there was a genuine request to have a way to deal with

 - user-'tweaked' clocks used to trick bitfrost
 - dead/flaky rtc batteries

New features, new risks :-/

cheers,



m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff

More information about the Devel mailing list